The vulnerability stems from improper path validation during ZIP processing. The patch adds `Path.sanitize()` calls to both methods, and the commit message explicitly states 'Added path sanitizing to zip extraction and basedir calculus'. The original code:
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:clif-performance-testing | maven | <= 64.vc0d66de1dfb | 71.v0741865e206f |